CVE Details

CVE-2026-58644 Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
Published: 2026-07-16 CVSS: 9.8 CRITICAL Product: Microsoft SharePoint Due Date: 2026-07-19

Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.

GitHub PoC

Warning: GitHub PoC repositories are unverified. Some may be fake or contain malware. Use caution and review code before running anything.

No GitHub PoC data.

FIRST EPSS

EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.

Timeline

CVE Stalker KEV MITRE GitHub FIRST (EPSS)

MITRE

CVSS

  • Score: 9.8
  • Severity: CRITICAL
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

SSVC

  • Exploitation: none
  • Automatable: yes
  • Technical Impact: total

References

Show Raw Data
Key Remaining Key Value
dataType CVE_RECORD
dataVersion 5.2
cveMetadata > cveId CVE-2026-58644
cveMetadata > assignerOrgId f38d906d-7342-40ea-92c1-6c4a2c6478c8
cveMetadata > state PUBLISHED
cveMetadata > assignerShortName microsoft
cveMetadata > dateReserved 2026-07-01T21:14:44.618Z
cveMetadata > datePublished 2026-07-14T17:05:37.431Z
cveMetadata > dateUpdated 2026-07-16T15:14:30.910Z
containers > cna > title Microsoft SharePoint Remote Code Execution Vulnerability
containers > cna > datePublic 2026-07-14T14:00:00.000Z
containers > cna > cpeApplicability > 0 > nodes > 0 > operator OR
containers > cna > cpeApplicability > 0 > nodes > 0 > negate False
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > vulnerable True
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > criteria cpe:2.3:a:microsoft:sharepoint_server_2016:*:*:*:*:enterprise:*:*:*
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > versionStartIncluding 16.0.0
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > versionEndExcluding 16.0.5556.1005
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > vulnerable True
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > criteria cpe:2.3:a:microsoft:sharepoint_server_2019:*:*:*:*:*:*:*:*
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > versionStartIncluding 16.0.0
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > versionEndExcluding 16.0.10417.20153
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > vulnerable True
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > criteria cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > versionStartIncluding 16.0.0
containers > cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > versionEndExcluding 16.0.19725.20384
containers > cna > affected > 0 > vendor Microsoft
containers > cna > affected > 0 > product Microsoft SharePoint Enterprise Server 2016
containers > cna > affected > 0 > platforms > 0 x64-based Systems
containers > cna > affected > 0 > versions > 0 > version 16.0.0
containers > cna > affected > 0 > versions > 0 > lessThan 16.0.5556.1005
containers > cna > affected > 0 > versions > 0 > versionType custom
containers > cna > affected > 0 > versions > 0 > status affected
containers > cna > affected > 1 > vendor Microsoft
containers > cna > affected > 1 > product Microsoft SharePoint Server 2019
containers > cna > affected > 1 > platforms > 0 x64-based Systems
containers > cna > affected > 1 > versions > 0 > version 16.0.0
containers > cna > affected > 1 > versions > 0 > lessThan 16.0.10417.20153
containers > cna > affected > 1 > versions > 0 > versionType custom
containers > cna > affected > 1 > versions > 0 > status affected
containers > cna > affected > 2 > vendor Microsoft
containers > cna > affected > 2 > product Microsoft SharePoint Server Subscription Edition
containers > cna > affected > 2 > platforms > 0 x64-based Systems
containers > cna > affected > 2 > versions > 0 > version 16.0.0
containers > cna > affected > 2 > versions > 0 > lessThan 16.0.19725.20384
containers > cna > affected > 2 > versions > 0 > versionType custom
containers > cna > affected > 2 > versions > 0 > status affected
containers > cna > descriptions > 0 > value Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.
containers > cna > descriptions > 0 > lang en-US
containers > cna > problemTypes > 0 > descriptions > 0 > description CWE-502: Deserialization of Untrusted Data
containers > cna > problemTypes > 0 > descriptions > 0 > lang en-US
containers > cna > problemTypes > 0 > descriptions > 0 > type CWE
containers > cna > problemTypes > 0 > descriptions > 0 > cweId CWE-502
containers > cna > providerMetadata > orgId f38d906d-7342-40ea-92c1-6c4a2c6478c8
containers > cna > providerMetadata > shortName microsoft
containers > cna > providerMetadata > dateUpdated 2026-07-15T22:23:27.760Z
containers > cna > references > 0 > name Microsoft SharePoint Remote Code Execution Vulnerability
containers > cna > references > 0 > tags > 0 vendor-advisory
containers > cna > references > 0 > tags > 1 patch
containers > cna > references > 0 > url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58644
containers > cna > metrics > 0 > format CVSS
containers > cna > metrics > 0 > scenarios > 0 > lang en-US
containers > cna > metrics > 0 > scenarios > 0 > value GENERAL
containers > cna > metrics > 0 > cvssV3_1 > version 3.1
containers > cna > metrics > 0 > cvssV3_1 > baseSeverity CRITICAL
containers > cna > metrics > 0 > cvssV3_1 > baseScore 9.8
containers > cna > metrics > 0 > cvssV3_1 > vectorString CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
containers > adp > 0 > metrics > 0 > other > type ssvc
containers > adp > 0 > metrics > 0 > other > content > timestamp 2026-07-16T15:14:24.171527Z
containers > adp > 0 > metrics > 0 > other > content > id CVE-2026-58644
containers > adp > 0 > metrics > 0 > other > content > options > 0 > Exploitation none
containers > adp > 0 > metrics > 0 > other > content > options > 1 > Automatable yes
containers > adp > 0 > metrics > 0 > other > content > options > 2 > Technical Impact total
containers > adp > 0 > metrics > 0 > other > content > role CISA Coordinator
containers > adp > 0 > metrics > 0 > other > content > version 2.0.3
containers > adp > 0 > title CISA ADP Vulnrichment
containers > adp > 0 > providerMetadata > orgId 134c704f-9b21-4f2e-91b3-4a467353bcc0
containers > adp > 0 > providerMetadata > shortName CISA-ADP
containers > adp > 0 > providerMetadata > dateUpdated 2026-07-16T15:14:30.910Z